As is known, secure communication systems provide a medium for users to transmit and receive sensitive information with reduced risk of eavesdropping by unauthorized parties. In a secure communication system, users manually load a key variable (used in the encryption process) into each communication unit by physically attaching a key variable loader to the unit. This limitation complicates key management in a system by making periodic key changes and interoperability of groups that normally use different key variables difficult. To provide for more efficient key management, over-the-air-rekeying (OTAR) was developed.
OTAR allows a fixed computer to send new key variables over the air to the communication units. This feature eliminates the need to physically attach a key variable loader to each communication unit, thus increasing both the efficiency and security of the rekeying process. For additional security, OTAR can be performed on one communication unit at a time or, for convenience, with groups of communication units.
When performing OTAR on a group of communication units within a trunked secure communication system, typically every communication unit associated with the particular group switches to an assigned channel to receive the rekeying information. The ideal scenario would be that every communication unit of the particular group is rekeyed on a first attempt. However, this is not typically the case. There are two options to remedy this scenario. One option is to individually page each communication unit to the OTAR channel and rekey them individually. This method increases key management terminal and communication resource loading. The other option is to continually page and rekey the entire group until all the desired communication units are rekeyed. This option takes active communication units off the control channel and rekeys them even if the unit had previously received the rekeying information. In this manner, previously rekeyed communication units are needlessly idled off the trunked system for each subsequent redundant group page rekey attempt. The more iterations required to rekey the group, the more idle time the subscriber will experience and the more loaded the key management terminal and the communication resource will be.
Therefore a need exists for a more efficient method to rekey a group of communication units that minimizes loading of the key management terminal and communication resources and does not needlessly take the communication units from the control channel when they have already been updated with the rekeying information.